Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8032835

Security Dialogs should display OU/O field for Publisher if CN field is empty

    XMLWordPrintable

Details

    • b06

    Backports

      Description

        The CN component of the subject field of a certificate is used as the Publisher name in a security dialog. If the CN field is missing, "Unknown" will be displayed, which is not user-friendly. Also there are additional components in the distinguished name that can be used to identify the certificate's subject.

        If the CN field is empty, I think we should display the OU field (and maybe the O field as well).

        This is likely to become a more common scenario. The CA/Browser Forum has made a recommendation discouraging the use of the CN field in section 9.2.2 of the baseline requirements v1.1.6 and 9.2.3 of the EV Code Signing Guidelines:

        https://cabforum.org/Baseline_Requirements_V1.pdf
        https://cabforum.org/wp-content/uploads/EV_Code_Signing_Guidelines_v1_1.pdf


        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8056090 Security Dialogs should display OU/O field for Publisher if CN field is empty

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8063229 Security Dialogs should display OU/O field for Publisher if CN field is empty

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8070630 Security Dialogs should display OU/O field for Publisher if CN field is empty

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8082318 Security Dialogs should display OU/O field for Publisher if CN field is empty

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Activity

              People

                dtitov Daniil Titov (Inactive)
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: